The present disclosure relates generally to data security and, more particularly, to systems and methods for context-based policy evaluation in an enterprise cloud storage environment
Modern data storage systems that provide access to electronic files and other data over the internet generally incorporate standard access control techniques, such as encryption, password protection, and file permissions. For example, such systems can deny access to unauthorized users that do not have a valid username and password, and can limit the types of operations (e.g., read, write, modify, delete) that can be performed by authorized users with respect to specific individual files and/or folder structures. However, these access controls are limited by their failure to account for the context associated with a user and/or a requested operation and, as such, result in an all-or-nothing approach that exposes electronic data storage systems to additional risks.